Sentinel Chicken Networks  

RegLookup Project Goals

This project is driven by three goals, in order: simplicity of code, simplicity of use, and speed.

There isn't a lot of exciting development to be done on this package. I have branched it from editreg.c because I wanted something that was 100% read-only, and would be easy to use in scripts for forensic investigations. Making the code easy to understand is very important, in case it needs to be audited for correctness by a legal adversary. It should be simple to use from the command line, so both humans and scripts can easily benefit from its capabilities. Finally, since it is meant to be a building block for other programs, it should be reasonably fast.

The command line interface has mostly solidified, and I don't expect to be adding many additional features. Right now, making the code efficient and adding documentation are the big outstanding items. I fully expect this code base's development to slow to a crawl after a few releases. (Sometimes when code is done, it should be left that way, with new functionality being put in other programs.)

The next major release will likely include:

  • Improved memory management and caching to increase speed.
  • More graceful parsing algorithms, to accommodate corrupted registries and possibly even registry fragments.
  • Basic test scripts which focus on security issues related to malicious registry files.
  • Further regfi API improvements, with better documentation.
